Hi guys i have a weird issue. if i try to connect to github or the linux mint forums i get timed out however if i use my 4g connection everything is fine.
At first i thought it was my dns so i changed my dns manually to googles and still no luck.The other day for some reason i tried to ping github and it resolved (so not dns) but still didn't connect.
Just wondering if this could possibly be pfblocker?
If you're using pfblocker then this is probably it, if it's blocking things like github then you're using the wrong lists. It's always a good idea to enable logging on any block or reject rules so you can see in the firewall log what's causing issues.
Thanks will have a look and see what I find.
Is there a way to allow sites to pass through?
Not reliably
Played around a little with pfblocker but no change.
Have you tried disabling it and checking if the sites work?
yeah i just uninstalled both squid and pgblocker to make sure.
just have to wait for my mrs to finish her show then i will restart pfsense and see how it goes
Made no difference however if I bypass pfsense it works fine.
What changes have you made to the default configuration? Check the firewall log because (assuming you have set blocking rules to log) you will see what rule is blocking the traffic, if it is a firewall issue.
hmm ok well i looked in the /system/firewall logs and there is nothing.
So i am stumped.
bypass pfsense and it works connect through pfsense and its blocked but nothing in the logs.
Presumably you're not running Snort, or Suricata, either?
nope it is back to bare install
It would seem to be a DNS issue, but I can't think of a good explanation off of the top of my head.
A bare install suggests that you are using the DNS forwarder, dnsmasq. What DNS resolvers have you configured? Google (8.8.8.8 and 8.8.4.4) may not be optimal for you, but is useful for diagnostic purposes.
yeah i had manual google dns set. I know it resolves as when i ping github.com it shows the ip.
nevermind though i just deleted pfsense. I was have a few seperate issues and it wasnt working the way i would like.
Sorry to hear of your troubles. I've been using pfSense for nearly a decade and it has always been brilliant for me.
I can only guess that those IPs were cashed and saved past their freshness dates and for some reason they are not being refreshed. Sorry to hear that you wiped pf off of the disk, you could have tried the Unbound resolver to see if that addressed the issue.
Thanks..
I only had it setup just to see how it works. Wasn't really a necessity. It is a good product I just don't have the patience for it
I will agree that even with its friendly interface, pfSense's broad scope of features requires a significant time investment, in order to master same.
Still, the default config should not prevent any host on the LAN interface from reaching desired Internet locations ... very puzzling!